Personal car data is the auto industry’s new gold rush. Cars collect more data than our phones. Consumers deserve privacy in their vehicles, and California must lead the way on this issue.
A huge amount of information is collected as you drive, including your shopping habits, credit score, text messages, and even your sexual orientation. A total consumer profile is created to sell you things. This data is transmitted at a rate of 25 gigabytes per hour to the car manufacturers’ cloud. And companies share it.
And the targeted advertising we see on our browsers, inboxes and social media feeds is coming to the driver’s seat.
Chevrolet’s OnStar service transmits user data to applications such as Domino’s and Shell, among others, according to the Washington Post.
Starbucks tracks your geolocation, so it can know the best time to flash you with a coupon and redirect you to the drive-thru. This amounts to what is called “behavior modification”.
Software maker Telenav is developing in-car advertising, touting its “freemium” model popularized by streaming services such as Hulu and Spotify, in which, in exchange for free services, drivers will be flashed with advertisements. In an article on its website titled “Why in-vehicle advertising works,” Telenav’s case boils down to “advertising is worth it to the consumer” without considering security and privacy. In this world of car surveillance and commerce, Telenav says there is a big opportunity to capitalize on the $212 billion that commuters spend while driving.
Discrimination is another concern. Although charging car insurance premiums by ZIP code is illegal in California, providers could try to use the data to discriminate against people based on the neighborhoods they frequent. According to The Intercept, law enforcement already has access to this data and evades traditional warrant requirements by tapping into information downloaded from a USB port.
Although location data can be turned off on your cell phone, there is no turn off feature for your car yet. With the end of federal protections for those seeking abortions, technological surveillance will almost surely be weaponized in the form of criminal prosecutions against women. One of the safeguards is making sure people can protect their privacy and geolocation from intrusive activity.
Fortunately, California should be the first in the country to opt out for precise geolocation. This summer, the California Privacy Protection Agency resumes drafting the rules as it implements the California Privacy Rights Act, a fundamental new privacy initiative passed by voters in 2020.
Automakers and insurance companies are fighting back, saying the law is unenforceable and they need the data for their products, such as emergency services, to work. But they weaponize security and use the same tracking consent form for a multitude of reasons. It is a false choice.
Consumers do not have to choose between their security and the use of their data for other tracking purposes. The thing is, cars don’t need to share your private information to let you drive.
One of the biggest misconceptions is that technology makes driving safer. This is not the case. The number of fatalities per 100,000 miles traveled rose in 2020 by nearly 25%, according to the National Safety Council, marking the largest annual increase the organization has seen in nearly 100 years. Traffic fatalities have increased in 2021, prompting the federal government to act. And the death toll could rise if companies increasingly turn our vehicles into consumer vessels – or worse, make them vulnerable to hacking.
The California Privacy Protection Agency has the ability to put privacy and security ahead of automaker profits. That’s what voters demanded when they passed Proposition 24, the California Privacy Rights Act. The public will be able to respond to the proposed settlement when the privacy council meets for public hearings on August 24 and 25.
Justin Kloczko tracks tech privacy for Consumer Watchdog, a nonprofit organization that advocates on behalf of taxpayers and consumers.